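/// <summary>
/// Decodes a CMS SignedData structure as a time-stamp token and extracts the
/// TSTInfo content and the TSA certificate identifier (ESSCertID).
/// </summary>
/// <remarks>
/// This constructor only parses and sanity-checks the structure. Nothing here
/// verifies the TSA signature or checks the certificate hash, so a successfully
/// constructed token must not be treated as trusted until it has been validated
/// against the TSA certificate.
/// </remarks>
/// <param name="signedData">The CMS SignedData carrying the time-stamp token.</param>
/// <exception cref="ArgumentNullException"><paramref name="signedData"/> is null.</exception>
/// <exception cref="ArgumentException">The token does not have exactly one signer.</exception>
/// <exception cref="TspValidationException">
/// The content type is not TSTInfo, or the signing-certificate attribute is missing or empty.
/// </exception>
/// <exception cref="TspException">A CMS-level error occurred while reading the content.</exception>
public TimeStampToken(
    CmsSignedData signedData)
{
    if (signedData == null)
    {
        throw new ArgumentNullException("signedData");
    }

    this.tsToken = signedData;

    if (!this.tsToken.SignedContentTypeOid.Equals(PkcsObjectIdentifiers.IdCTTstInfo.Id))
    {
        throw new TspValidationException("ContentInfo object not for a time stamp.");
    }

    ICollection signers = tsToken.GetSignerInfos().GetSigners();

    if (signers.Count != 1)
    {
        throw new ArgumentException("Time-stamp token signed by "
            + signers.Count
            + " signers, but it must contain just the TSA signature.");
    }

    // Exactly one signer is present (checked above), so the first element is the TSA.
    IEnumerator signerEnum = signers.GetEnumerator();
    signerEnum.MoveNext();
    tsaSignerInfo = (SignerInformation)signerEnum.Current;

    try
    {
        CmsProcessable content = tsToken.SignedContent;

        using (MemoryStream bOut = new MemoryStream())
        {
            content.Write(bOut);

            this.tstInfo = new TimeStampTokenInfo(
                TstInfo.GetInstance(
                    Asn1Object.FromByteArray(bOut.ToArray())));
        }

        // The token comes from an untrusted party: a signer info without signed
        // attributes, or with an empty attribute, must be rejected as an invalid
        // token rather than surface as a null-reference or index exception.
        if (tsaSignerInfo.SignedAttributes == null)
        {
            throw new TspValidationException(
                "no signing certificate attribute found, time stamp invalid.");
        }

        Asn1.Cms.Attribute attr = tsaSignerInfo.SignedAttributes[
            PkcsObjectIdentifiers.IdAASigningCertificate];

        if (attr == null)
        {
            throw new TspValidationException(
                "no signing certificate attribute found, time stamp invalid.");
        }

        if (attr.AttrValues.Count < 1)
        {
            throw new TspValidationException(
                "signing certificate attribute is empty, time stamp invalid.");
        }

        SigningCertificate signCert = SigningCertificate.GetInstance(
            attr.AttrValues[0]);

        EssCertID[] essCerts = signCert.GetCerts();
        if (essCerts.Length < 1)
        {
            throw new TspValidationException(
                "signing certificate attribute is empty, time stamp invalid.");
        }

        // The first ESSCertID identifies the certificate that signed the token.
        this.certID = EssCertID.GetInstance(essCerts[0]);
    }
    catch (CmsException e)
    {
        throw new TspException(e.Message, e.InnerException);
    }
}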
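/// <summary>
/// Decodes a CMS SignedData structure as a time-stamp token and extracts the
/// TSTInfo content and the TSA certificate identifier, taken from the
/// signing-certificate attribute or, failing that, signing-certificate-v2.
/// </summary>
/// <remarks>
/// This constructor only parses and sanity-checks the structure. Nothing here
/// verifies the TSA signature or checks the certificate hash, so a successfully
/// constructed token must not be treated as trusted until it has been validated
/// against the TSA certificate.
/// </remarks>
/// <param name="signedData">The CMS SignedData carrying the time-stamp token.</param>
/// <exception cref="ArgumentNullException"><paramref name="signedData"/> is null.</exception>
/// <exception cref="ArgumentException">The token does not have exactly one signer.</exception>
/// <exception cref="TspValidationException">
/// The content type is not TSTInfo, or no usable signing-certificate attribute is present.
/// </exception>
/// <exception cref="TspException">A CMS-level error occurred while reading the content.</exception>
public TimeStampToken(CmsSignedData signedData)
{
    if (signedData == null)
    {
        throw new ArgumentNullException("signedData");
    }

    tsToken = signedData;
    if (!tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo))
    {
        throw new TspValidationException("ContentInfo object not for a time stamp.");
    }

    ICollection signers = tsToken.GetSignerInfos().GetSigners();
    if (signers.Count != 1)
    {
        throw new ArgumentException("Time-stamp token signed by " + signers.Count + " signers, but it must contain just the TSA signature.");
    }

    // Exactly one signer is present (checked above), so the first element is the TSA.
    IEnumerator enumerator = signers.GetEnumerator();
    enumerator.MoveNext();
    tsaSignerInfo = (SignerInformation)enumerator.Current;

    try
    {
        CmsProcessable signedContent = tsToken.SignedContent;
        using (MemoryStream memoryStream = new MemoryStream())
        {
            signedContent.Write(memoryStream);
            tstInfo = new TimeStampTokenInfo(TstInfo.GetInstance(Asn1Object.FromByteArray(memoryStream.ToArray())));
        }

        // The token comes from an untrusted party: missing signed attributes or an
        // empty attribute must be rejected as an invalid token rather than surface
        // as a null-reference or index exception.
        if (tsaSignerInfo.SignedAttributes == null)
        {
            throw new TspValidationException("no signing certificate attribute found, time stamp invalid.");
        }

        // NOTE(review): the v1 attribute is preferred when both are present; the
        // v2 attribute is consulted only when v1 is absent. Consider whether v2
        // should take precedence.
        Org.BouncyCastle.Asn1.Cms.Attribute attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
        if (attribute != null)
        {
            if (attribute.AttrValues.Count < 1)
            {
                throw new TspValidationException("signing certificate attribute is empty, time stamp invalid.");
            }

            SigningCertificate instance = SigningCertificate.GetInstance(attribute.AttrValues[0]);
            EssCertID[] essCerts = instance.GetCerts();
            if (essCerts.Length < 1)
            {
                throw new TspValidationException("signing certificate attribute is empty, time stamp invalid.");
            }

            certID = new CertID(EssCertID.GetInstance(essCerts[0]));
        }
        else
        {
            attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
            if (attribute == null)
            {
                throw new TspValidationException("no signing certificate attribute found, time stamp invalid.");
            }

            if (attribute.AttrValues.Count < 1)
            {
                throw new TspValidationException("signing certificate attribute is empty, time stamp invalid.");
            }

            SigningCertificateV2 instance2 = SigningCertificateV2.GetInstance(attribute.AttrValues[0]);
            EssCertIDv2[] essCertsV2 = instance2.GetCerts();
            if (essCertsV2.Length < 1)
            {
                throw new TspValidationException("signing certificate attribute is empty, time stamp invalid.");
            }

            certID = new CertID(EssCertIDv2.GetInstance(essCertsV2[0]));
        }
    }
    catch (CmsException ex)
    {
        throw new TspException(ex.Message, ex.InnerException);
    }
}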
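/// <summary>
/// Decodes a CMS SignedData structure as a time-stamp token and extracts the
/// TSTInfo content and the TSA certificate identifier, taken from the
/// signing-certificate attribute or, failing that, signing-certificate-v2.
/// </summary>
/// <remarks>
/// Cleaned up from decompiler output: accessor calls such as get_Count() and the
/// redundant (Stream)(object) cast are written as ordinary C#, and the IL
/// diagnostic comments are dropped.
/// This constructor only parses and sanity-checks the structure. Nothing here
/// verifies the TSA signature, so the token must still be validated against the
/// TSA certificate before it is trusted.
/// </remarks>
/// <param name="signedData">The CMS SignedData carrying the time-stamp token.</param>
/// <exception cref="ArgumentNullException"><paramref name="signedData"/> is null.</exception>
/// <exception cref="ArgumentException">The token does not have exactly one signer.</exception>
/// <exception cref="TspValidationException">
/// The content type is not TSTInfo, or no usable signing-certificate attribute is present.
/// </exception>
/// <exception cref="TspException">A CMS-level error occurred while reading the content.</exception>
public TimeStampToken(CmsSignedData signedData)
{
    if (signedData == null)
    {
        throw new ArgumentNullException("signedData");
    }

    tsToken = signedData;
    if (!tsToken.SignedContentType.Equals(PkcsObjectIdentifiers.IdCTTstInfo))
    {
        throw new TspValidationException("ContentInfo object not for a time stamp.");
    }

    global::System.Collections.ICollection signers = tsToken.GetSignerInfos().GetSigners();
    if (signers.Count != 1)
    {
        throw new ArgumentException("Time-stamp token signed by " + signers.Count + " signers, but it must contain just the TSA signature.");
    }

    // Exactly one signer is present (checked above), so the first element is the TSA.
    global::System.Collections.IEnumerator enumerator = signers.GetEnumerator();
    enumerator.MoveNext();
    tsaSignerInfo = (SignerInformation)enumerator.Current;

    try
    {
        CmsProcessable signedContent = tsToken.SignedContent;
        using (MemoryStream buffer = new MemoryStream())
        {
            signedContent.Write(buffer);
            tstInfo = new TimeStampTokenInfo(TstInfo.GetInstance(Asn1Object.FromByteArray(buffer.ToArray())));
        }

        // The token comes from an untrusted party: missing signed attributes or an
        // empty attribute must be rejected as an invalid token rather than surface
        // as a null-reference or index exception.
        if (tsaSignerInfo.SignedAttributes == null)
        {
            throw new TspValidationException("no signing certificate attribute found, time stamp invalid.");
        }

        // NOTE(review): the v1 attribute is preferred when both are present; the
        // v2 attribute is consulted only when v1 is absent.
        Attribute attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificate];
        if (attribute != null)
        {
            if (attribute.AttrValues.Count < 1)
            {
                throw new TspValidationException("signing certificate attribute is empty, time stamp invalid.");
            }

            SigningCertificate instance = SigningCertificate.GetInstance(attribute.AttrValues[0]);
            EssCertID[] essCerts = instance.GetCerts();
            if (essCerts.Length < 1)
            {
                throw new TspValidationException("signing certificate attribute is empty, time stamp invalid.");
            }

            certID = new CertID(EssCertID.GetInstance(essCerts[0]));
        }
        else
        {
            attribute = tsaSignerInfo.SignedAttributes[PkcsObjectIdentifiers.IdAASigningCertificateV2];
            if (attribute == null)
            {
                throw new TspValidationException("no signing certificate attribute found, time stamp invalid.");
            }

            if (attribute.AttrValues.Count < 1)
            {
                throw new TspValidationException("signing certificate attribute is empty, time stamp invalid.");
            }

            SigningCertificateV2 instance2 = SigningCertificateV2.GetInstance(attribute.AttrValues[0]);
            EssCertIDv2[] essCertsV2 = instance2.GetCerts();
            if (essCertsV2.Length < 1)
            {
                throw new TspValidationException("signing certificate attribute is empty, time stamp invalid.");
            }

            certID = new CertID(EssCertIDv2.GetInstance(essCertsV2[0]));
        }
    }
    catch (CmsException ex)
    {
        throw new TspException(ex.Message, ex.InnerException);
    }
}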
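/// <summary>
/// Populates this node from the wrapped signer information: claimed signing time,
/// claimed signer roles, signature time-stamp token, countersignatures, and the
/// signing certificate (located in the document's certificate list by hash).
/// </summary>
/// <exception cref="System.InvalidOperationException">
/// The signer information has no signed attributes, or the signing-certificate
/// attribute expected for its digest algorithm is missing or empty.
/// </exception>
private void ReadInformation()
{
    var signedAttributes = _signerInformation.SignedAttributes;
    if (signedAttributes == null)
    {
        // Previously this surfaced as a NullReferenceException on the first lookup.
        throw new System.InvalidOperationException("The signer information carries no signed attributes.");
    }

    // signing-time is a value claimed by the signer; it is not a trusted time source.
    // NOTE(review): only the UTCTime encoding is handled here - confirm that
    // GeneralizedTime values cannot reach this code.
    if (signedAttributes[PkcsObjectIdentifiers.Pkcs9AtSigningTime] != null)
    {
        _signingDate = DerUtcTime.GetInstance(signedAttributes[PkcsObjectIdentifiers.Pkcs9AtSigningTime].AttrValues[0]).ToDateTime().ToLocalTime();
    }

    if (signedAttributes[PkcsObjectIdentifiers.IdAAEtsSignerAttr] != null)
    {
        var signerAttr = SignerAttribute.GetInstance(signedAttributes[PkcsObjectIdentifiers.IdAAEtsSignerAttr].AttrValues[0]);

        List<string> claimedRoles = new List<string>();

        foreach (BcCms.Attribute claimedAttr in signerAttr.ClaimedAttributes)
        {
            foreach (var value in claimedAttr.AttrValues)
            {
                claimedRoles.Add(DerUtf8String.GetInstance(value).GetString());
            }
        }

        _signerRoles = claimedRoles;
    }

    // Unsigned attributes are not covered by the signer's signature, and the token
    // is only parsed here.
    // NOTE(review): presumably the time-stamp is validated elsewhere before it is
    // relied on - confirm against the callers.
    if (_signerInformation.UnsignedAttributes != null &&
        _signerInformation.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken] != null)
    {
        _timeStamp = new TimeStampToken(new CmsSignedData(_signerInformation.UnsignedAttributes[PkcsObjectIdentifiers.IdAASignatureTimeStampToken].AttrValues[0].GetEncoded()));
    }

    // Read the countersignatures.
    var signers = _signerInformation.GetCounterSignatures().GetSigners();
    _counterSignatures = new List<SignerInfoNode>();

    foreach (var signer in signers)
    {
        SignerInfoNode node = new SignerInfoNode((SignerInformation)signer, _sigDocument);

        _counterSignatures.Add(node);
    }

    // Try to identify the certificate used for signing; this could perhaps be improved.
    // The attribute is chosen from the signature's digest algorithm: SHA-1 signatures
    // are expected to carry signing-certificate (v1), all others signing-certificate-v2.
    bool useV1 = _signerInformation.DigestAlgOid == DigestMethod.SHA1.Oid;

    BcCms.Attribute certAttr = signedAttributes[useV1
        ? PkcsObjectIdentifiers.IdAASigningCertificate
        : PkcsObjectIdentifiers.IdAASigningCertificateV2];

    // Input is attacker-controllable: fail with a descriptive error instead of a
    // null-reference or index exception when the attribute is absent or empty.
    if (certAttr == null || certAttr.AttrValues.Count < 1)
    {
        throw new System.InvalidOperationException("The signing certificate attribute expected for the signature digest algorithm is missing or empty.");
    }

    byte[] certHash;
    IssuerSerial issuerSerial;

    if (useV1)
    {
        EssCertID[] certIds = SigningCertificate.GetInstance(certAttr.AttrValues[0]).GetCerts();
        if (certIds.Length < 1)
        {
            throw new System.InvalidOperationException("The signing certificate attribute expected for the signature digest algorithm is missing or empty.");
        }

        EssCertID ecid = certIds[0];
        issuerSerial = ecid.IssuerSerial;
        certHash = ecid.GetCertHash();
    }
    else
    {
        EssCertIDv2[] certIds = SigningCertificateV2.GetInstance(certAttr.AttrValues[0]).GetCerts();
        if (certIds.Length < 1)
        {
            throw new System.InvalidOperationException("The signing certificate attribute expected for the signature digest algorithm is missing or empty.");
        }

        EssCertIDv2 ecid = certIds[0];
        issuerSerial = ecid.IssuerSerial;
        certHash = ecid.GetCertHash();
    }

    // NOTE(review): the certificate digest is computed with the signer's digest
    // algorithm. ESSCertIDv2 carries its own hashAlgorithm field, which is not
    // consulted here - confirm the two always agree for the inputs handled.
    DigestMethod digestMethod = DigestMethod.GetByOid(_signerInformation.DigestAlgOid);

    foreach (X509CertificateStructure cs in _sigDocument.Certificates)
    {
        // The serial number, when available, is only a cheap pre-filter; the hash
        // comparison decides the match.
        if (issuerSerial == null || cs.TbsCertificate.SerialNumber.Equals(issuerSerial.Serial))
        {
            byte[] currentCertHash = digestMethod.CalculateDigest(cs.GetEncoded());

            if (certHash.SequenceEqual(currentCertHash))
            {
                _certificate = new X509Certificate(cs);
                break;
            }
        }
    }
}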
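/// <summary>
/// Generates a time-stamp response with a custom signed-attribute generator
/// (TestAttrGen, defined elsewhere) and checks that the resulting token carries
/// both the signingCertificate and signingCertificateV2 attributes, each matching
/// the issuer, serial number and hash of <paramref name="cert"/>.
/// </summary>
/// <param name="privateKey">Key used to sign the time-stamp token.</param>
/// <param name="cert">TSA certificate matching <paramref name="privateKey"/>.</param>
/// <param name="certs">Certificate store attached to the token generator.</param>
private void overrideAttrsTest(AsymmetricKeyParameter privateKey, X509Certificate cert, IX509Store certs)
{
    SignerInfoGeneratorBuilder signerInfoGenBuilder = new SignerInfoGeneratorBuilder();

    IssuerSerial issuerSerial = new IssuerSerial(
        new GeneralNames(
            new GeneralName(
                X509CertificateStructure.GetInstance(cert.GetEncoded()).Issuer)),
        new DerInteger(cert.SerialNumber));

    // Encode the certificate once; both digests are taken over the same bytes.
    byte[] crt = cert.GetEncoded();

    byte[] certHash256;
    byte[] certHash;

    // SHA-1 hash for the v1 ESSCertID.
    {
        Asn1DigestFactory digCalc = Asn1DigestFactory.Get(OiwObjectIdentifiers.IdSha1);
        IStreamCalculator calc = digCalc.CreateCalculator();
        using (Stream s = calc.Stream)
        {
            s.Write(crt, 0, crt.Length);
        }

        certHash = ((SimpleBlockResult)calc.GetResult()).Collect();
    }

    // SHA-256 hash for the v2 ESSCertIDv2.
    {
        Asn1DigestFactory digCalc = Asn1DigestFactory.Get(NistObjectIdentifiers.IdSha256);
        IStreamCalculator calc = digCalc.CreateCalculator();
        using (Stream s = calc.Stream)
        {
            s.Write(crt, 0, crt.Length);
        }

        certHash256 = ((SimpleBlockResult)calc.GetResult()).Collect();
    }

    EssCertID essCertID = new EssCertID(certHash, issuerSerial);
    EssCertIDv2 essCertIDv2 = new EssCertIDv2(certHash256, issuerSerial);

    signerInfoGenBuilder.WithSignedAttributeGenerator(new TestAttrGen(essCertID, essCertIDv2));

    // SHA-1 based signature and digest are test fixtures here, not a recommendation.
    Asn1SignatureFactory sigfact = new Asn1SignatureFactory("SHA1WithRSA", privateKey);
    SignerInfoGenerator signerInfoGenerator = signerInfoGenBuilder.Build(sigfact, cert);

    TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
        signerInfoGenerator,
        Asn1DigestFactory.Get(OiwObjectIdentifiers.IdSha1),
        new DerObjectIdentifier("1.2"),
        true);

    tsTokenGen.SetCertificates(certs);

    TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
    TimeStampRequest request = reqGen.Generate(TspAlgorithms.Sha1, new byte[20], BigInteger.ValueOf(100));

    TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TspAlgorithms.Allowed);

    TimeStampResponse tsResp = tsRespGen.Generate(request, BigInteger.ValueOf(23), DateTime.UtcNow);

    // Round-trip through the encoding so the assertions run against a parsed token.
    tsResp = new TimeStampResponse(tsResp.GetEncoded());

    TimeStampToken tsToken = tsResp.TimeStampToken;

    tsToken.Validate(cert);

    Asn1.Cms.AttributeTable table = tsToken.SignedAttributes;

    Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificate], "no signingCertificate attribute found");
    Assert.NotNull(table[PkcsObjectIdentifiers.IdAASigningCertificateV2], "no signingCertificateV2 attribute found");

    SigningCertificate sigCert = SigningCertificate.GetInstance(table[PkcsObjectIdentifiers.IdAASigningCertificate].AttrValues[0]);

    Assert.IsTrue(cert.CertificateStructure.Issuer.Equals(sigCert.GetCerts()[0].IssuerSerial.Issuer.GetNames()[0].Name));
    Assert.IsTrue(cert.CertificateStructure.SerialNumber.Value.Equals(sigCert.GetCerts()[0].IssuerSerial.Serial.Value));
    Assert.IsTrue(Arrays.AreEqual(certHash, sigCert.GetCerts()[0].GetCertHash()));

    // Parse the V2 attribute with the V2 type. The original decoded it with
    // SigningCertificate (v1), so the v2 decoder was never exercised.
    SigningCertificateV2 sigCertV2 = SigningCertificateV2.GetInstance(table[PkcsObjectIdentifiers.IdAASigningCertificateV2].AttrValues[0]);

    Assert.IsTrue(cert.CertificateStructure.Issuer.Equals(sigCertV2.GetCerts()[0].IssuerSerial.Issuer.GetNames()[0].Name));
    Assert.IsTrue(cert.CertificateStructure.SerialNumber.Value.Equals(sigCertV2.GetCerts()[0].IssuerSerial.Serial.Value));
    Assert.IsTrue(Arrays.AreEqual(certHash256, sigCertV2.GetCerts()[0].GetCertHash()));
}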